We use a number of scratch environments for development/exploration purposes, which are very useful when we’re deploying AWS CloudFormation templates through Octopus.
I wanted to “clean up” the set of deployments associated with a scratch environment today, in order to experiment with behaviour when the proverbial slate was clean.
I created a new Octopus User, created an API key and added the user to a new Team that had permissions to do the minimum that it needed to do (view some things and delete only deployments in the specific environment).
I can do all the queries I expect to be able to do (view environments, projects, deployments, releases, etc), but I cannot delete a deployment belonging to the environment.
When I try to run the delete, I get the following response from the API:
{
"ErrorMessage": "You do not have permission to perform this action. Please contact your Octopus administrator. Missing permission: DeploymentDelete",
"HelpText": "This action requires permission to delete deployments. At least one of your teams has this permission in a limited scope, but this doesn't cover the project or environment in question. Teams that have enough permission include: {one of my other teams}"
}
As far as I can see, I have all the permissions I need.
I’ve attached the permissions export from within Octopus.
scratch-cleaner-permissions.csv (612 Bytes)